Waging Cyberwar on Iran's Nuclear Program
by MUHAMMAD SAHIMI in Los Angeles
08 Oct 2010 03:06
[ analysis ] Ever since February 9, 2003, when the existence of the uranium enrichment facility in Natanz was formally announced by then President Mohammad Khatami of Iran, an unholy alliance of the Israel lobby in the United States, the neoconservatives, and the group of people that antiwar activists such as myself refer to as the War Party have suggested all sorts of ways to destroy Iran's nuclear program. Never mind that article IV of the Nuclear Non-proliferation Treaty, of which Iran was the very first signatory, recognizes its full right to nuclear technology, including uranium enrichment, for peaceful purposes.
In a seven-part series that I began posting in October 2003 -- the first six parts of which are here, and the seventh here -- I have explained all the relevant issues regarding the program. I have also posted many more articles on the subject here.
As I have explained in an article, there is so much propaganda and exaggeration, and so many half-truths, half-baked half-truths, and outright lies about the program that it has become an article of faith of the mainstream media in the United States and Europe to routinely talk about Iran's nonexistent "nuclear weapons program." Western officials speak as if the International Atomic Energy Agency (IAEA) has actually uncovered solid evidence -- or as former IAEA Director General Mohamed ElBaradei put it, a smoking gun -- for such a weapons program, though none has ever been found. Even the U.S. Congress got into the act of making unsubstantiated claims about Iran's nuclear program, prompting the IAEA to take the unusual step of issuing a letter that protested the House of Representatives' report.
In fact, the National Intelligence Estimate (NIE) of November 2007, representing the consensus of all 16 U.S. intelligence agencies, stated that Iran stopped its "nuclear weapons program" in 2003, even though it actually never presented any evidence, at least publicly, that such a program existed even prior to that date. For at least a year, there have been reports of a new NIE on Iran's nuclear program, but none has been released. Credible reports indicate that the reason is that the intelligence community has been resisting political pressure to change its view regarding the nature of Iran's nuclear program.
And what are the ways that have been suggested by the Israel lobby, the neoconservatives, and the War Party to "get rid" of Iran's nuclear program? Military attacks have had a prominent place in the list of "options." The drumbeats of war with Iran have indeed been getting louder.
In the latest call to war, Senator Lindsey Graham (R-SC), speaking at that bastion of warmongers, the American Enterprise Institute, called for bombing raids to destroy not only Iran's nuclear facilities but also the nation's industrial capacity, to the extent that the Islamic Republic would topple. Sanctions have also been called for, which indeed have been imposed by several United Nations Security Council resolutions, on top of the unilateral economic sanctions imposed by the United States and its allies.
But two other approaches have also been suggested to tackle Iran's nuclear program that had not been talked about much, even though they have been in place for many years. One is to "decapitate" the program either by assassinating its leading figures -- scientists, engineers, and managers -- or encouraging them to defect to the West. The second approach, likewise suggested long ago, was creating industrial accidents by, for example, planting viruses to infect the computers that help run Iran's nuclear facilities.
For example, Michael Eisenstadt, director of the Military and Security Studies Program at the Washington Institute for Near East Policy (WINEP), an offshoot of AIPAC, the chief Israel lobby, suggested in "The Challenges of U.S. Preventive Military Action" -- a chapter of Checking Iran's Nuclear Ambitions (2004), edited by Patrick Clawson and Henry Sokolski -- the following covert actions against Iran's nuclear facilities (see pages 121 and 122):
Harassment or murder of key Iranian scientists or technicians;
introduction of fatal design flaws into critical reactor, centrifuge, or weapons components during their production, to ensure catastrophic failure during use;
introduction of destructive viruses into Iranian computer systems controlling the production of components or the operation of facilities;
damage or destruction of critical facilities through sabotage...
Eisenstadt's suggestion for murdering Iranian scientists or technicians is tantamount to state-sponsored terrorism. So, in his view, terrorism is committed only by weaker countries or groups against powerful nations. Nor does Eisenstadt consider sabotage to be either state-sponsored terrorism or a violation of international law. In his view, international laws are good only so long as they advance the interests of powerful nations!
It is also completely clear that Eisenstadt has no notion of what constitutes a catastrophic failure in an industrial complex. We are talking about a system that includes nuclear reactors and nuclear materials. Any catastrophic accident or system failure in any large-scale industrial complex, let alone a nuclear facility, has immense consequences in terms of lost lives, long-term health problems, human suffering, and economic and environmental damage. We need only to recall what happened in Bhopal, India -- a nonnuclear accident -- and in Chernobyl, Ukraine -- a nuclear accident -- to see the consequences of a catastrophic industrial failure. Eisenstadt later tried to clarify what he had said, but his explanation amounted to hair splitting.
Another Iran pundit at the WINEP is its deputy director for research, the aforementioned Patrick Clawson -- see here for his latest writing on Iran. For some time, Clawson has advocated sabotage and the creation of industrial accidents in Iran's nuclear energy facilities. He was quoted in an October 15, 2004, article in the Los Angeles Times stating, "In an ideal world, the United States could disrupt Iran's nuclear program through covert means, such as corrupting software programs." In another article, he was quoted going even further: "The idea that the only contingency plan available is to use U.S. air raids is not true. Given the shoddy design of the Russian nuclear plants whose blueprints Iran is using for its facilities, one could well imagine that there could be catastrophic industrial accidents." At a WINEP conference, Clawson then declared,
Look, if we could find a way in which we could introduce computer viruses which caused the complete shutdown of the Bushehr system before it became operational, that would be delightful.
If we could find ways in which these very complicated centrifuges, which are spinning at such high speeds, could develop stability problems and fly apart, and the cascade [of the centrifuges] could be destroyed, I think that would be delightful.
That is what we get when pundits who have no knowledge about the scientific and technological issues involving uranium enrichment and nuclear reactors speak up.
Empty centrifuges do not usually spin. Centrifuges usually spin at high speeds when they are fully loaded with uranium hexafluoride in a gaseous state, used for enriching uranium. Destroying the cascade of spinning centrifuges, from which Clawson would derive delight, thus implies rapidly spreading the uranium compound everywhere and causing casualties. He also stated,
And, indeed, if we could find a way to create an industrial accident of the scale of the Three Mile Island which did not cause a single fatality, which would prevent Bushehr from becoming operational, I think that would also be very helpful.
Clawson's contention is that a nuclear accident of the type and scale of the Three Mile Island would not cause any fatalities. Clearly, he had not done his homework. All one need do to understand the fallacy of the claim is watch the award-winning documentary Three Mile Island Revisited. As its distributor describes, the video
directly challenges the claim of the nuclear industry and government that "no one died" from the core meltdown of the Three Mile Island nuclear power plant in 1979, America's worst nuclear disaster. Through the testimony of area residents and scientific experts, the documentary presents compelling evidence that cancer deaths and birth defects increased in the area surrounding the Pennsylvania plant.
The interested reader can also read "People Died at Three Mile Island," chapter 14 of a seminal book by Harvey Wasserman and Norman Solomon, Killing Our Own: The Disaster of America's Experience with Atomic Radiation, to learn more about the chilling facts of this nuclear accident, from birth defects and heightened child mortality rates to increased deaths from cancer.
Eisenstadt's and Clawson's statements were made six years ago. Why am I bringing them up now? Because "suddenly" a new computer worm, Stuxnet, began infecting Iran's computer systems, including some at Bushehr. The Internet is full of speculation about who designed the worm, what its targets are, and so forth. See, in particular, the blog by Richard Silverstein, who has been closely following developments in the matter. Stuxnet is a Windows-specific computer worm that was originally discovered in June 2010 by a security firm based in Belarus. It is designed specifically to attack supervisory control and data acquisition (SCADA) systems that are used to control and monitor industrial processes. But while the world has been acting surprised, attempts to disrupt Iran's nuclear program and industrial capacity by creating accidents and assassinating key personnel, as indicated, have in fact a long history.
In July 2001, Col. Ali Mahmoudi Mimand, known as the father of Iran's missile program, was found dead in his office with a bullet in his head. No culprit was ever identified, but most analysts believed that he was assassinated by foreign agents. Dr. Ardeshir Hassanpour, a prominent figure in Iran's nuclear program, was murdered on January 15, 2007. Stratfor.com reported that Israel's Mossad had murdered Hassanpour. It is known that a large number of other Iraqi nuclear scientists have either disappeared or been killed.
Brigadier General Ali-Reza Asgari, who was deputy defense minister in the Khatami administration, disappeared on February 7, 2007, in Istanbul, Turkey. Iran's position is that Asgari was abducted, but it is widely believed that he defected to the West, and may even have played a leading role in alerting Israel and the United States to the construction of Syria's nuclear reactor, which was destroyed when Israel bombed the site in September 2007.
In May 2009, Shahram Amiri, a junior scientist who was supposedly involved in Iran's nuclear program, disappeared during a trip to Saudi Arabia. He eventually emerged in the United States, but after several seemingly contradictory videos of him were posted on YouTube, he became an embarrassment to the Obama administration and was allowed to return to Iran. It is not clear that his short-lived defection was fruitful from a U.S. point of view.
The attempt to disrupt Iran's nuclear program by industrial accidents and through cyberwarfare also has an extensive history. First, there was Operation Merlin during the Clinton administration, even before the Natanz uranium enrichment facility was known to exist. According to James Risen, the intelligence correspondent for the New York Times, in February 2000 the CIA assigned a Russian nuclear scientist who had defected the task of providing deliberately flawed blueprints for nuclear warheads to Iran. As Risen explains in his book State of War: The Secret History of the CIA and the Bush Administration, Operation Merlin backfired because the terrified Russian defector recognized the flaws and, hoping to protect himself as well as enhance his credibility with Iran, pointed them out to his Iranian counterpart. According to the book, Operation Merlin may even have helped accelerate Iran's nuclear program.
A former CIA official told the Guardian that, in addition to Operation Merlin, there had been other attempts to set back Iran's "suspected nuclear weapons program." According to him, "There were a number of occasions when Iran was found to be acquiring equipment for nuclear weapons and rather than stop it, they fiddled with the equipment, particularly computer equipment, before it got to Iran," although the IAEA has never uncovered any evidence of a nuclear weapon program.
According to Risen, in 2004 a CIA agent sent an Iranian agent an encrypted electronic message, mistakenly including data that could potentially identify every CIA agent inside Iran. The Iranian was a double agent and handed over the information to Iran's Ministry of Intelligence. "Several of the Iranian agents were arrested and jailed, while the fates of some of the others are still unknown," Risen wrote in his book.
As for the Stuxnet worm, it has been known for some time that Israel has been trying to use cyberwarfare in order to disrupt Iran's nuclear program, perhaps in the belief that military attacks are too costly an alternative.
At the same time, even before the news about Stuxnet began to spread, there had been other tantalizing evidence of cyberwarfare efforts by the United States and/or Israel. For example, it has been known for over a year that the Natanz facility has been experiencing severe problems and roughly half of the close to 8,000 centrifuges installed there have not been working. The problem could at least partly be due to the computer problems caused by the Stuxnet worm. In fact, Randy Abrams, director of technical education at ESET, said, "It appears that it is possible that Stuxnet may have been responsible for problems in Iran's nuclear program over the past year -- however that is speculation and it is unlikely that the Iranian government is going to say if that was the case. It is even possible that it was the case and they don't know it."
Although the worm was discovered this past July, it is now known that its first version appeared in early 2009.
In addition, when Israeli Prime Minister Benjamin Netanyahu visited with President Barack Obama in Washington recently, it was reported that the issue of Iran was not at the top of their agenda. Why? Perhaps because both leaders knew about the damage that Stuxnet was causing to Iran's nuclear program.
Iran has confirmed that Stuxnet has infected close to 30,000 computers in Iran, including several at Bushehr.
The worm has also appeared in India, Indonesia, and China. According to the data of U.S.-based computer security company Symantec, 60 percent of all the computers in the world that have been infected by the worm are in Iran, while Russia-based Kaspersky puts the figure below 10 percent. Still, in terms of plausibly linked effects, it seems clear that the primary target was Iran.
Ali Akbar Salehi, head of the Atomic Energy Organization of Iran, has said that full operation of the Bushehr reactor will be postponed by at least two months, although he did not say that the delay was due to the worm.
Indeed, he insisted that the main systems of the plant itself were untouched. "This contamination has not reached our main system. It was detected in some personal laptops and necessary measures were taken in this regard. Our main system is clean," he said. There is ample speculation that Stuxnet was specifically written to disrupt the work of the Bushehr reactor.
A major problem with Stuxnet is that it can reinfect the scrubbed computers; it will therefore not be easy to eliminate the worm from Iran's computer systems.
It has been reported to be mutating and inflicting more damage on computerized industrial equipment in Iran. Hamid Alipour, deputy chief of Iran's Information Technology Company, was quoted as saying, "The attack is still ongoing and new versions of this virus are spreading."
In his blog, Richard Silverstein has speculated that Unit 8200 (read, Unit Eight Two-hundred), the largest unit in the Israel Defense Forces, may have been involved in infecting Iran's computers with Stuxnet. Unit 8200 is responsible for collecting signal intelligence and code decryption and is comparable in function to the U.S. National Security Agency. Others have reported that there is a marker with the digits 19790509 in the Stuxnet code, which has been speculated to refer to May 9, 1979. That is the day Habib Elghanian, the wealthy Jewish Iranian businessman, was executed by the revolutionary government that had taken power less than three months earlier. He was the first, and one of the very few, Iranian Jews to have been executed since the 1979 Revolution. John Markoff and David E. Sanger of the New York Times have speculated on a connection between the Stuxnet code and a Biblical reference to the Book of Esther, a tale in the Old Testament according to which the Jews preempted a Persian plot to destroy them.
Although the worm appears to have infected some computers in Bushehr, the main target of Stuxnet must be the Natanz enrichment facility. As mentioned earlier, it has been known for over a year -- coinciding with the first appearance of the worm -- that the facility has been experiencing severe problems. Evidence for Natanz being the main target has been described by Mark Clayton of the Christian Science Monitor.
He quotes Frank Rieger, a researcher with GSMK, a Berlin encryption company that has been helping governments deal with the worm, as saying that Stuxnet has been designed to take control of programmable logic controllers (PLCs) of the thousands of identical centrifuges at Natanz, each of which has a small computer that oversees its temperature, operating speed, flow of cooling water, and other aspects. Silverstein speculates that another task of Stuxnet might be obtaining information about Iran's entire nuclear program.
Aside from the illegal nature of such attacks under international law, what is not mentioned at all by the mainstream media is the possibility that such cyberwarfare on the Bushehr reactor or the uranium enrichment facility at Natanz could create a catastrophic accident capable of killing thousands of innocent people. It is as if the potential human toll in terms of innocent Iranians has no significance. All that the mainstream media is concerned with and speculates about is what kind of damage may be inflicted on Iran's nuclear program, a program that at least so far has been a totally peaceful one.
Image by J. Anderson via The Tech Herald.
Copyright © 2010 Tehran Bureau